Vulnerabilities > Adobe > Acrobat > 10.1.11

DATE CVE VULNERABILITY TITLE RISK
2014-12-10 CVE-2014-8445 Code Injection vulnerability in multiple products
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
network
low complexity
adobe apple microsoft CWE-94
critical
10.0
2014-11-30 CVE-2014-9150 Race Condition vulnerability in Adobe Acrobat and Acrobat Reader
Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568.
network
low complexity
adobe microsoft CWE-362
6.4
2014-09-17 CVE-2014-0568 Security Bypass vulnerability in Adobe Reader and Acrobat
The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.
network
low complexity
adobe microsoft
critical
10.0
2014-09-17 CVE-2014-0567 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0561.
network
low complexity
adobe apple microsoft CWE-119
critical
10.0
2014-09-17 CVE-2014-0566 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0565.
network
low complexity
adobe CWE-119
critical
10.0
2014-09-17 CVE-2014-0565 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0566.
network
low complexity
adobe apple microsoft CWE-119
critical
10.0
2014-09-17 CVE-2014-0563 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe apple microsoft CWE-119
7.8
2014-09-17 CVE-2014-0562 Cross-Site Scripting vulnerability in Adobe Acrobat and Acrobat Reader
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
4.3
2014-09-17 CVE-2014-0561 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567.
network
low complexity
adobe apple microsoft CWE-119
critical
10.0
2014-09-17 CVE-2014-0560 Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft CWE-399
critical
10.0